Data protection policy

I. INFORMATION PURSUANT TO THE PROVISIONS OF LAW 34/2002 OF 11 JULY ON INFORMATION SOCIETY SERVICES AND ELECTRONIC COMMERCE

Pursuant to the provisions of Article 10 of Law 34/2002 of 11 July on Information Society Services and Electronic Commerce (hereinafter “LSSI-CE”), the recipients of the service as well as the competent bodies are hereby expressly, specifically and unequivocally informed of the following aspects relating to the provider of information society services:

II. INFORMATION PURSUANT TO DATA PROTECTION REGULATIONS

In Europe and Spain, there are data protection rules intended to protect your personal information which our organisation must comply with.

This is why it is very important for us that you fully understand what we are going to do with the personal data we ask from you.

In this way, we will remain transparent and give you control over your data, using simple language and clear choices that will let you decide what to do with your personal information.

Should you have any queries after reading this information, please do not hesitate to ask us.

Thank you very much for your cooperation.

1. Contact our data protection officerDid you know that our organisation has a data protection officer to which you can send all your complaints, queries and suggestions on the use of your personal data?Our data protection officer is AUDIDAT and here are its contact details:

2. What are we going to use your data for?Generally speaking, your personal data will be used for us to interact with you, provide you with our services and respond to the requests you send us through the contact forms on our website.Likewise, it may also be used for other activities, such as sending advertisements or promoting our activities.

3. Why do we need to use your data?

Your personal data is necessary for us to interact with you and provide you with our services, allowing us to use your information lawfully.

Nevertheless, there are certain situations where we will need your prior permission in order to carry out certain activities, such as sending you advertisements or publishing your image on the Internet. To this end, you will find a series of boxes that will enable you to make clear and simple decisions on how your personal information can be used.

4. Who will have access to the information we ask from you?

Generally speaking, only duly authorised staff from our own organisation will have access to the information we ask from you.

Your personal information may also be disclosed to organisations that require access to your information in order for us to provide you with our services. For example, our bank will get your details if you use a credit card or do a bank transfer to pay for our services.

Likewise, your information may be disclosed to public or private organisations to which we are obliged to provide your personal data in compliance with the law. To cite an example, the General Tax Law obliges everyone to provide the Spanish Tax Agency with certain information on financial transactions that go beyond a certain amount.

In the event that, aside from the circumstances mentioned above, we need to disclose your personal information to other organisations, we will ask you for your permission to do so beforehand, providing you with clear choices that will let you decide in this regard.

5. How will we protect your data?

We will protect your data using effective security measures according to the risks involved in using your information.

To this end, our organisation has approved a Data Protection Policy and controls and audits are carried out on an annual basis to verify that your personal data is secure at all times.

6. Will we send your data to other countries?

There are countries around the world where your data is secure and others where it is not quite so. For example, the European Union is a secure environment for your data. Our policy is not to send your personal information to any country that is not secure from a data protection standpoint.

In the event that, in order to provide you with a service, it is necessary to send your data to a country that is not as secure as Spain, we will always ask you for your permission to do so beforehand and we will adopt effective security measures to mitigate the risks in sending your personal information to another country.

7. For how long will we keep your data?

We will keep your data for the duration of our relationship and while the laws oblige us to do so. Once the applicable legal time limits have passed, we will dispose of it in a secure and environmentally friendly manner.

8. What rights do you have with regard to data protection?

You can contact us at any time to find out what information we have about you, rectify it if it is incorrect and delete it once our relationship has ended should this be legally possible.

You also have the right to request the transfer of your information to another organisation. This right is called “portability” and may prove to be useful in certain situations.

To exercise any of these rights, you must send us a written request to our address, together with a photocopy of your national identity card (DNI) in order to verify your identity.

There are specific forms to exercise these rights found at our offices and we will be happy to provide you with assistance in filling them in.

To learn more about your rights with regard to data protection, you can visit the Spanish Data Protection Agency website (www.agpd.es).

9. Can you revoke consent if you change your mind at a later time?

You may revoke your consent if you change your mind about the use of your data at any time.

For example, if you were interested in receiving advertisements of our products or services before but are no longer interested now, you can let us know by using the objection to processing forms available at our offices.

10. If you believe that your rights have been disregarded, where can you file a complaint?

If you believe that your rights have been disregarded by our organisation, you can file a complaint with the Spanish Data Protection Agency using one of the means below:

There is no cost to file a complaint with the Spanish Data Protection Agency and the services of a lawyer or court representative will not be necessary.

11. Will we create profiles on you?

Our policy is not to create profiles on the users of our services.

Nevertheless, there may be situations where, in order to provide services or for commercial or other types of purposes, we may need to create information profiles on you. An example would be using your purchase or service history in order to offer you products or services suited to your preferences or needs.

In such cases, we will always inform you of them beforehand and we will adopt effective security measures that protect your information at all times from unauthorised persons who wish to use it for their own benefit.

12. Will we use your data for other purposes?

Our policy is not to use your data for purposes other than the ones mentioned above. If, however, we need to use your data for different activities, we will always ask you for your permission beforehand, providing you with clear choices that will let you decide in this regard.

13. Quality of processed data

Our policy is not to collect data from children under thirteen years of age; in the event that a child under thirteen years of age provides us with their data, we will destroy it immediately.

You should not provide us with false data or data from third parties without their consent. You are responsible for the truthfulness and accuracy of the data provided.